Research On Web Attack Detection System And Algorithm Security Based On Machine Learning

Machine learning has the advantages of high degree of automation,fast detection speed,and good at finding variant samples in attack detection.However,when using machine learning to detect Web attacks,there are still problems that the detection accuracy needs to be improved and the security risks of the algorithm itself.The main reason for the accuracy to be improved is that in the feature extraction stage,if the feature vector is selected too much,it will cause the model to overfit and affect the efficiency of the algorithm;if the feature vector selection is small,it will produce a large number of false positives and false negatives.The main reason for the hidden danger of algorithm security is that the training set of the machine learning model is easy to be used by attackers during the data collection and model training stages,which can interfere with the judgment result of the model.Aiming at the problem that the accuracy of traditional machine learning Web attack detection needs to be improved,this paper proposes a Web attack detection scheme based on information carrying,mainly for SQL injection attacks and XSS attack detection.This solution adds a tagger and a content matching module on the basis of machine learning detection.The tagger is used to detect sensitive information in the sample,and the content matching module is used to perform feature item matching on the sample.In order to improve the detection efficiency,a feature item matching method is proposed in the content matching module.This method includes two different content matching modes,which are suitable for attack detection in different scenarios.In order to make a reasonable selection of the matching mode in the content matching module and improve the accuracy of detection,this solution simplifies the detection results of machine learning and markers into information values,and the content matching module dynamically selects based on the information values carried by the samples.Simulation experiment results show that this scheme can quickly and effectively detect Web attacks.On this basis,this article applies the information-carrying Web attack detection scheme to the actual Web system to prove the practical application value of the scheme.This paper simply implements a web attack detection system with separation of front and back ends,mainly using front-end technology to simulate input box attack scenarios,and back-end technology to detect user input and interact with the database.The final system test proved that this system can realize the basic functions of product browsing,product search and detecting user input content,and the user experience is good.Aiming at the security risks of traditional machine learning algorithms,this paper takes the SVM algorithm in the linear model as the research object,firstly analyzes the security issues of the linear SVM algorithm in the confrontation environment,and gives specific attack strategies.Secondly,an improved algorithm s-SVM,which uses the weight variance threshold to reduce the discreteness of weights,is proposed,and the design and implementation process of the algorithm are elaborated.Finally,theoretical analysis and experimental comparison show that the s-SVM algorithm can still maintain high detection accuracy in a confrontation environment,proving its safety.